refactor edge templates

Author: ikethecoder

sdx/chart/sdx-edge/Chart.yaml

@@ -1,24 +1,6 @@
 apiVersion: v2
 name: sdx-edge
-description: A Helm chart for Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+description: A Helm chart for deploying an SDX Edge Server to a Kubernetes cluster
 type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
 appVersion: "3.9.1"

sdx/chart/sdx-edge/README.md

@@ -1,11 +1,12 @@
-# SDX Security Edge
+# SDX Edge server
 
-The SDX Security Edge chart deploys the following components:
+The SDX Edge chart deploys the following components:
 
 - Kong Data Plane
 - Fluentbit
 - Prometheus
 - Cert Renewal Job
+- Cert Bootstrap Job
 
 On Openshift environments, the Kong Data Plane is a passthrough from the Openshift HAProxy.
 
@@ -24,23 +25,17 @@ helm push sdx-edge-0.1.0.tgz oci://ghcr.io/bcgov/aps-devops
 
 ## Deployment
 
-> `TOKEN` is a one-time-use token for calling the CA to get a new client certificate for mTLS and signing
-
-In your working directory, create the following structure:
-
-- `tls.crt` : TLS certificate from a public CA
-- `tls.key` : TLS certificate key from a public CA
+> `TOKEN` is a one-time-use token for calling the CA to get a new certificate for mTLS and signing
 
 ```sh
-export DOMAIN="sdx.gov.bc.ca"
-export EDGE_ID="sdxgov"
+export IP="<INTERNET_FACING_IP]"
+export EDGE_ID="<EDGE NAME>"
+export DOMAIN="${EDGE_ID}.servers.sdx"
 
 helm upgrade --install ${EDGE_ID} \
-  --set-file tls.ca=sdx_ca.crt \
-  --set-file tls.server.crt=tls.crt \
-  --set-file tls.server.key=tls.key \
   --set tls.client.bootstrap.token=$TOKEN \
-  --set tls.client.cn=${EDGE_ID}.edge.sdx \
+  --set tls.client.cn=${DOMAIN} \
+  --set tls.server.ip=${IP} \
   --set route.host=${DOMAIN} \
-oci://ghcr.io/bcgov/aps-devops/sdx-edge:0.1.0
+  oci://ghcr.io/bcgov/aps-devops/sdx-edge:0.1.0
 ```